Securifi Almond devices with firmware before AL1-R201EXP10-L304-W34 and Almond-2015 devices with firmware before AL2-R088M unintentionally omit the X-Frame-Options HTTP header, which makes it easier for remote malicious users to conduct clickjacking attacks via a crafted web site that contains a (1) FRAME, (2) IFRAME, or (3) OBJECT element.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
securifi almond_firmware |
||
securifi almond-2015_firmware |